- An attack on FreshClick has exposed customer payment details and more
- The extension is used by Zagg’s eCommerce provider, BigCommerce.
- Affected customers get free credit monitoring for one year
Zagg notified affected customers of a data breach that compromised highly sensitive information, including payment card details.
In a letter dated December 26, 2024 (via the Maine Attorney General’s Office), the company confirmed a 12-day attack between October 26 and November 7, which it learned about a day later, on November 8.
The issue arises from an attack on FreshClick, a third-party application used by Zagg’s e-commerce software platform provider, BigCommerce.
Zagg confirms cyber attack
“We have learned that an unknown actor injected the FreshClick app with malicious code designed to extract credit card data entered as part of the checkout process for certain ZAGG.com customer transactions between October 26, 2024 and on November 7, 2024,” the company said. confirmed.
As a result, names, shipping and billing addresses, and payment card information could be at risk.
In recognition of the severity of the attack, Zagg is offering affected customers 12 months of access to credit monitoring through Experian. It also urges customers to monitor their financial accounts, place fraud alerts and consider freezing credit to prevent identity theft.
BigCommerce said (via ringing computer): “Acting in the best interest of our customers and their buyers, we immediately uninstalled the app in their stores, removing any compromised API and malicious code.”
Basic Internet hygiene principles, such as being cautious when sharing certain information and following potentially malicious links, go a long way to protecting consumers against potential attacks; However, when an attack hits a third-party service like this, there is very little consumers can do, highlighting the widespread risks of online activity.
Apologizing for the inconvenience, Zagg has set up a dedicated phone line for concerned customers to seek further answers and advice.
